/**
 * Send the JSON part of a response through the router.
 *
 * Nothing is sent unless $response has a 'json' entry that is an array;
 * every other key of $response is ignored by this method.
 *
 * @param array $response Response data; only the 'json' entry is read here
 */
protected function sendResponse(array $response = array())
{
    // Guard clause: without an array payload under 'json' there is nothing to emit.
    if (!isset($response['json']) || !is_array($response['json'])) {
        return;
    }

    $payload = $response['json'];
    $this->router->response()->json($payload);
}
/**
 * Resolve the API action registered for a route and version, then run it.
 *
 * When $requestMethod is listed in static::$routeAuth, the request must carry
 * a 'centreon-x-token' header accepted by UserRepository::checkApiToken().
 * Routes that are not listed are dispatched without any token check in this
 * method, so authentication is opt-in per route.
 *
 * HttpException instances are rendered as a JSON error object; any other
 * exception caught by the generic handler produces a bare 500 status.
 *
 * @param mixed $requestMethod Route identifier, looked up with Router::getApiVersion()
 * @param string|null $requestVersion Requested API version, or null when none was given
 */
public function executeRoute($requestMethod, $requestVersion = null)
{
    try {
        // Map of version => method name for this route (may be unset/empty).
        $versionMap = Router::getApiVersion($requestMethod);

        if (in_array($requestMethod, static::$routeAuth)) {
            $requestHeaders = $this->request->headers();
            if (!isset($requestHeaders['centreon-x-token'])) {
                throw new BadRequestException('Missing Token', 'The Token for the request is not present');
            }

            // NOTE(review): checkApiToken() is defined outside this block; confirm it
            // rejects empty values and compares tokens in constant time.
            $apiToken = $requestHeaders['centreon-x-token'];
            $tokenAccepted = \CentreonAdministration\Repository\UserRepository::checkApiToken($apiToken);
            if (!$tokenAccepted) {
                /* method auth */
                throw new UnauthorizedException('Invalid Token', 'The Token is not valid');
            }
        }

        $action = null;
        $selectedVersion = null;
        if (isset($versionMap[$requestVersion])) {
            // Exact version match wins.
            $action = $versionMap[$requestVersion];
        } elseif (isset($versionMap)) {
            foreach ($versionMap as $version => $method) {
                // With an explicit request version, only strictly older versions are eligible.
                if (!is_null($requestVersion) && !version_compare($version, $requestVersion, '<')) {
                    continue;
                }
                // The candidate is replaced whenever it is greater than $version, so the
                // LOWEST eligible version is kept.
                // NOTE(review): confirm lowest (rather than highest) is the intended fallback.
                if (is_null($selectedVersion) || version_compare($selectedVersion, $version, '>')) {
                    $selectedVersion = $version;
                    $action = $method;
                }
            }
        }

        if (is_null($action)) {
            throw new Exception\Http\NotFoundException('Action does not exist', 'The requested action does not exist');
        }

        // Execute the API method: build the handler for this request from the
        // late-static-bound class and invoke the resolved action on it.
        $dispatch = function ($handlerClass, $handlerMethod, $request) {
            $handler = $handlerClass::getHttpCoreInstance($request);
            $handler->{$handlerMethod}();
        };
        $dispatch(get_called_class(), $action, $this->request);
    } catch (HttpException $ex) {
        $status = $ex->getCode();
        $errorObject = array(
            'id' => '',
            'href' => '',
            'status' => $status,
            'code' => $ex->getInternalCode(),
            'title' => $ex->getTitle(),
            'detail' => $ex->getMessage(),
            'links' => '',
            'path' => ''
        );
        $this->router->response()->code($status)->json($errorObject);
    } catch (Exception $ex) {
        // Only the status code is set; the exception is neither logged nor
        // exposed to the client in this block.
        $this->router->response()->code(500);
    }
}
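/**
 * Init routes
 *
 * Registers the 'router' service in the DI container. The factory builds a
 * Router, attaches a CSRF-checking callback that runs for requests, parses
 * the routes and returns the router.
 *
 * Paths under "<base_url>/api" are exempt from the CSRF check. The exemption
 * is matched on a path-segment boundary: the path must be exactly the prefix
 * or continue with '/', so a path that merely starts with the same characters
 * (for example "<base_url>/apiX") is still CSRF-checked.
 *
 * NOTE(review): the exemption assumes API handlers do not rely on cookie
 * based session authentication - confirm against the API controllers.
 */
private function initRoutes()
{
    $this->di->set('router', function () {
        $router = new Router();

        /* Add middleroute for CSRF token */
        $router->respond(function ($request, $response, $service, $app) {
            /* Get the token: first header from Csrf::getHeaderNames() that is present */
            $headers = $request->headers();
            $tokenValue = '';
            foreach (Csrf::getHeaderNames() as $headerName) {
                if ($headers->exists($headerName)) {
                    $tokenValue = $headers[$headerName];
                    break;
                }
            }

            /*
             * Test if must test the token
             * @todo better management with middleware global implementation
             */
            $excludeRoute = array('/api');
            $pathname = $request->pathname();
            // Loop-invariant: resolve the configured base URL once.
            $baseUrl = rtrim(Di::getDefault()->get('config')->get('global', 'base_url'), '/');
            $matchingRoute = array_filter($excludeRoute, function ($route) use ($pathname, $baseUrl) {
                $prefix = $baseUrl . $route;
                if ($pathname === $prefix) {
                    return true;
                }
                // Require a '/' after the prefix so sibling paths that only share
                // leading characters are not exempted from CSRF protection.
                $prefix .= '/';
                return strncmp($pathname, $prefix, strlen($prefix)) === 0;
            });

            if (count($matchingRoute) == 0) {
                if (false === Csrf::checkToken($tokenValue, $request->method())) {
                    // Reject and stop processing: no route handler runs after a failed check.
                    $response->code(403)->json(array("message" => "CSRF Token is no valid"));
                    $response->send();
                    // @todo Exception
                    exit;
                }

                if (Csrf::mustBeGenerate($request->method())) {
                    /* Generate and send a new csrf cookie */
                    // NOTE(review): only name, value and expiry (0) are passed; confirm the
                    // remaining cookie attributes default to values suitable for HTTPS deployments.
                    $response->cookie(Csrf::getCookieName(), Csrf::generateToken(), 0);
                    $response->sendCookies(true);
                }
            }
        });

        /* Parsing route */
        $router->parseRoutes();

        return $router;
    });
}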